										 |  |  | ---
 | 
					
						
							|  |  |  |  builtins/shopt.def |    2 ++ | 
					
						
							|  |  |  |  doc/bash.1         |    7 +++++++ | 
					
						
							|  |  |  |  shell.c            |    2 ++ | 
					
						
							|  |  |  |  variables.c        |   13 ++++++++++++- | 
					
						
							|  |  |  |  4 files changed, 23 insertions(+), 1 deletion(-) | 
					
						
							|  |  |  | 
 | 
					
						
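--- a/shell.c
+++ b/shell.c
@@ -230,6 +230,7 @@ int posixly_correct = 1;	/* Non-zero mea
 #else
 int posixly_correct = 0;	/* Non-zero means posix.2 superset. */
 #endif
+int import_functions = IMPORT_FUNCTIONS_DEF;      /* Import functions from environment */
 
 /* Some long-winded argument names.  These are obviously new. */
 #define Int 1
@@ -249,6 +250,7 @@ static const struct {
   { "help", Int, &want_initial_help, (char **)0x0 },
   { "init-file", Charp, (int *)0x0, &bashrc_file },
   { "login", Int, &make_login_shell, (char **)0x0 },
+  { "import-functions", Int, &import_functions, (char **)0x0 },
   { "noediting", Int, &no_line_editing, (char **)0x0 },
   { "noprofile", Int, &no_profile, (char **)0x0 },
   { "norc", Int, &no_rc, (char **)0x0 },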
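Review bot: `IMPORT_FUNCTIONS_DEF`, used to initialise `import_functions` in the first hunk, is not defined in any hunk of this file, and the diffstat lists no header or build file, so the default that decides whether environment functions are imported is set somewhere outside this patch. A fallback next to the declaration, `#ifndef IMPORT_FUNCTIONS_DEF` / `#define IMPORT_FUNCTIONS_DEF 0` / `#endif`, would let a build that lacks the definition compile and default to not importing. A short comment there stating that 0 means exported functions are skipped at startup would also help, since the existing `/* Import functions from environment */` does not say which value is the safe one.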
					
						
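--- a/variables.c
+++ b/variables.c
@@ -110,6 +110,7 @@ extern time_t shell_start_time;
 extern int assigning_in_environment;
 extern int executing_builtin;
 extern int funcnest_max;
+extern int import_functions;
 
 #if defined (READLINE)
 extern int no_line_editing;
@@ -328,6 +329,7 @@ initialize_shell_variables (env, privmod
   char *name, *string, *temp_string;
   int c, char_index, string_index, string_length, ro;
   SHELL_VAR *temp_var;
+  int skipped_import;
 
   create_variable_tables ();
 
@@ -352,9 +354,12 @@ initialize_shell_variables (env, privmod
 
       temp_var = (SHELL_VAR *)NULL;
 
+      skipped_import = 0;
+  reval:
+
       /* If exported function, define it now.  Don't import functions from
 	 the environment in privileged mode. */
-      if (privmode == 0 && read_but_dont_execute == 0 && 
+      if (skipped_import == 0 && privmode == 0 && read_but_dont_execute == 0 && 
           STREQN (BASHFUNC_PREFIX, name, BASHFUNC_PREFLEN) &&
           STREQ (BASHFUNC_SUFFIX, name + char_index - BASHFUNC_SUFFLEN) &&
 	  STREQN ("() {", string, 4))
@@ -367,6 +372,12 @@ initialize_shell_variables (env, privmod
 	  tname = name + BASHFUNC_PREFLEN;	/* start of func name */
 	  tname[namelen] = '\0';		/* now tname == func name */
 
+	  if (!import_functions && !interactive_shell) {
+		  skipped_import = 1;
+		  report_error (_("Skipping importing function definition for `%s': --import-functions required."), tname);
+		  goto reval;
+	  }
+
 	  string_length = strlen (string);
 	  temp_string = (char *)xmalloc (namelen + string_length + 2);
 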
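Review bot: In the last hunk the new gate is `!import_functions && !interactive_shell`, so an interactive shell still defines functions taken from the environment even with import-functions off; if that exemption is intended it needs a comment giving the reason, and otherwise the test should read `if (!import_functions) {`. The skip path also runs after `tname[namelen] = '\0';`, so the environment name is still truncated when control jumps back to `reval:`. Unless code outside the hunk restores that byte, the fall-through presumably handles the entry under a shortened name; saving the overwritten character and writing it back before `goto reval;` would avoid that. initialize_shell_variables begins and ends outside these hunks.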
					
						
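--- a/builtins/shopt.def
+++ b/builtins/shopt.def
@@ -90,6 +90,7 @@ extern int autocd;
 extern int glob_star;
 extern int glob_asciirange;
 extern int lastpipe_opt;
+extern int import_functions;
 
 #if defined (EXTENDED_GLOB)
 extern int extended_glob;
@@ -192,6 +193,7 @@ static struct {
   { "hostcomplete", &perform_hostname_completion, shopt_enable_hostname_completion },
 #endif
   { "huponexit", &hup_on_exit, (shopt_set_func_t *)NULL },
+  { "import-functions", &import_functions, (shopt_set_func_t *)NULL },
   { "interactive_comments", &interactive_comments, set_shellopts_after_change },
   { "lastpipe", &lastpipe_opt, (shopt_set_func_t *)NULL },
 #if defined (HISTORY)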
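Review bot: The new `import-functions` entry in the second hunk has a NULL set function, and the only reader of `import_functions` visible in this patch is the startup environment loop in variables.c, so `shopt -s import-functions` in a running shell presumably changes nothing for that shell. If that is so, the entry should carry a comment such as `/* consulted only while the environment is read at startup */`. Because shopt settings can reach child shells through an exported `BASHOPTS`, it is also worth confirming, outside these hunks, that the flag cannot be switched on from the environment before the import loop runs.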
					
						
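--- a/doc/bash.1
+++ b/doc/bash.1
@@ -240,6 +240,13 @@ The shell becomes restricted (see
 .B "RESTRICTED SHELL"
 below).
 .TP
+.B \-\-import\-functions
+This shell is patched in such a way that shell functions in the inported environment
+will not be expanded due several security issues (e.g. CVE\-2014\-6271).  This option
+can be used to enable this.  It is also possible to use the
+.B shopt
+builtin to do this.
+.TP
 .B \-\-verbose
 Equivalent to  \fB\-v\fP.
 .TP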